package com.aaa.security;

import org.springframework.security.core.Authentication;
import org.springframework.stereotype.Repository;

import javax.servlet.http.HttpServletRequest;

@Repository("rabcConfig")
public class RabcConfig {
    public boolean hasPermission(Authentication authentication , HttpServletRequest request){
        System.out.println("判断是否有权限");
        //判断是否登录
        Object principal=authentication.getPrincipal();
        if("anonymousUser".equals(principal)){
            System.out.println("未登录");
            return true;
        }else {
//            //请求路径：截取最后一部分，list
//            //emp/list
//            String uri=request.getRequestURI();
//            int lastindexOf=uri.lastIndexOf("/");
//            String endUrl=uri.substring(lastindexOf+1);
//            System.out.println("endUrl:"+endUrl);
//
//            Collection<? extends GrantedAuthority> authorities=authentication.getAuthorities();
//            System.out.println("authorities"+authorities);
//
//            Object[]array=authorities.toArray();
//            System.out.println(array[2]);
//            System.out.println(array[2].toString());
//            System.out.println(array[2].toString().equals(endUrl));
////            return array[2].toString().equals(endUrl);
            return true;
        }
    }
}
